CVE-2011-3581

EPSS 5.2%

ldns - buffer overflow

Published: 11/4/2011Modified: 5/29/2026

Description

Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing input that is longer than a specified length.

Affected packages (2)

Debian/ldnsfrom 0, < 1.6.11-1
Debian/ldnsfrom 0, < 1.6.6-2+squeeze1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-3581